Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid and setgid), which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
关键资源的不正确权限授予
Vulnerability Title
Liquidfiles 安全漏洞
Vulnerability Description
Liquidfiles是美国Liquidfiles公司的一个用于公司和组织的大型安全文件传输和共享的存储服务。 Liquidfiles 4.1.2之前版本存在安全漏洞,该漏洞源于可能导致FTPDrop用户利用Actionscript功能和sudoers配置以root权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A